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^ Inter-organization networks: impiications of access control: requirements for interconnection )mM 
protocol 

D Estrin 

August 1986 f^Qf^ SIGCOMM Computer Communication Review , Proceedings of the ACM 

SIGCOMM conference on Communications architectures & protocols SIGCOMM '86, 

Volume 16 Issue 3 

Publisher ACM Press 

Full text available: ja^tfiSlKLlJLMSl Additional Infonnation: full citotfon. rt>^ trflCl refefftnces . ipd?,t,.termtt 

m 

When two or nnore distinct organizations interconnect their internal computer networks they fornn an 
Inter-Organization Network(ION). lONs support the exchange of cad/cann data between 
manufacturers and subcontractors, software distribution from vendors to users, customer input to 
suppliers' order-entry systems, and the shared use of expensive computational resources by 
research laboratories, as examples. This paper analyzes the technical implications of interconnecting 
networ ... 



* Performance evaluation of a MAC protocol for wireless ATM networks supporting the ATM 
service cate g ories 

B. Van Houdt, C. Blondia, 0. Casals, J. Garcia, D. Vazquez 

August 1999 Proceedings of the 2nd ACM international workshop on Wireless mobile multimedia 



Publisher: ACM Press 
Full text avmtat>le: ^^Bflf[S9.3j2-KBl 



Additional Information: fu*,' ciU >tion. ffiffit^KfiS. jpff ey terms 



' Flexible control of downloaded executable content 
Trent Jaeger, AtuI Prakash, Jochen Liedtke, Nayeem Islam 

May 1999 TransactloHS on Information and System Security (TISSEC), Volume 2 issue 2 

Publisher ACM Press 

Full text available: ^^jpdf(297.7fl KB) Additional Informalion: full citation, obstract- rafyrgnces. otfnq a. index lerma. review 

We present a security architecture that enables system and application a ccess control requirements 
to be enforced on applications composed from downloaded executable content. Downloaded 
executable content consists of messages downloaded from remote hosts that contain executables 
that run, upon receipt, on the downloading principal's machine. Unless restricted, this content can 
perform malicious actions, including accessing its downloading principal's private data and sending 
messages on th ... 

Keywords: access control models, authentication, autorization machanisms, collaborative systems, 
role -based access control 



* PICS: Internet access controls without censorshi p 
Paul Resnick, James Miller 

octoberi996 Communications of the ACM, volume 39 issue 10 



Publisher ACM Press 
Full text avaiJ^e: ^g|pdft29t.57 KB) 



Additional Information: MLsaMfea. Xflte£ffIK.es. flttOT, intf g Ji..lft' m :? 



Access control and signatures via quorum secret sharing 
Moni Naor, Avishai Wool 

January 1996 
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Proceedings of the 3rd ACM conference on Computer and communications security 

Publisher: ACI^ Press 

Full text avoltMa: ^^jodfri BS M8^ Addltkmal Information: fyll citation, rafefencea. oUoas. index lerma 



Interpreted coHaboration protocols and their use in groupware prototyping 
Richard Furuta, P. David Stotts 

October 1994 Procecdings of the 1994 ACM conference on Computer supported cooperative woric 

Publisher ACM Press 

Full text availoUe: ^^p d fQ .IS MB) Additional Information: 6;JLcilflli!Ml. JSbaiUKCt. W.fgrgngW. ^KDOi. insteLlgMli 

The correct and timely creation of systems for coordination of group work depends on the ability to 
express, analyze, and experiment with protocols for managing multiple work threads. We present an 
evolution of the Trellis model that provides a formal basis for prototyping the coordination structure 
of a collaboration system. In Trellis, group interaction protocols are represented separately from the 
interface processes that use them for coordination. Protocols are interpreted (rather than ... 

Keywords: Trellis, colored Petri net, coordination structure, dynamic protocol, formal methods, 
moderated meeting, process-based hypertext/hypermedia 
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An optimized contention protocol for broadband networks 
W. Worth Kirkman 

August 1987 /^^M Transactions on Computer Systems (TOCS), Volume 5 issue 3 

Publisher ACM Press 

Full text available: p fj f (^7P,?e KB) Additional Information: M.CjM'Ml. .*«tfiS!l. iefel.eDS.gS. insiffiUStm*. JlflJdOftt 



This paper describes the concepts underlying an alternative link-level protocol for broadband local 
networks. The protocol uses implicit slotting of the contention channel to support larger networks, 
improve performance, and provide reliable distributed collision recognition without reinforcement. It 
is designed such that compatible interfaces to existing CSMA/CD-based systems can be provided. 

A distributed systenn security architecture: applying the transport layer security protocol 
Mohammad Mirhakkak 

October 1993 SZGCOMM Computer Communication Review, volume 23 Issue 5 

Publisher: ACM Press 

Full text avaiisble: pdff 892.06 KBl Additional Information: full dlalion. abstract. |p ^yx terms 

A great deal of attention has been given to the development of Open Systems Interconnection (OS!) 
security protocols in recent years. However, limited work has been dedicated to using these 
protocols to develop security architectures for securing distributed systems consisting of trusted 
computer systems communicating via untrusted networks. This paper presents an overview of the 
Transport Layer Security Protocol (TLSP) and discusses its application to the development of a 
security architecture ... 

Access control for lar g e coliections 
H. M. Gladney 

April 1997 /^cM Transactions on Information Systems (TOIS), volume 15 issue 2 

Publisher: ACM Press 

FutI text available: pdf(4a2.88 KB) Additional Information: full citation, abstfact. roferertcfis. atiDoa. i ndm ter ms- review 



II text available: ^pljDdff4a2.88 KB^ 



Efforts to place vast information resources at the fingertips of each individual in large user 
populations must be balanced by commensurate attention to information protection. For distributed 
systems with less-structured tasks, more-diversified information, and a heterogeneous user set, the 
computing system must administer enterprise-chosen access control policies. One kind of resource 
is a digital library that emulates massive collections of paper and other physical media for clerical, 
en ... 

Keywords: access control, digital library, document, electronic library, information security 



Local networks 
William Stallings 

March 1984 /^^M Computing Surveys (CSUR), Volume 16 Issue i 

Publisher: ACM Press 

FutI text available: ptfft 3.Q.V.M,9J Additional Information: fulcHa-'iaa jflfiffitUKU rgisaPSSa. SiUim in£)jBiLt!um IfflrfSffi 

The rapidly evolving field of local network technology has produced a steady stream of local network 
products in recent years. The IEEE 802 standards that are now taking shape, because of their 
complexity, do little to narrow the range of alternative technical approaches and at the same time 
encourage more vendors into the field. The purpose of this paper is to present a systematic, 
organized overview of the alternative architectures for and design approaches to local networks. 
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An overview of PCTE and PCTE+ 

Gerard Boudier, Ferdinando Gallo, Regis Minot, Ian Thomas 

November 1988 y^^M SIGSOFT Softwarc Engineering Notes , ACM SIGPLAN Notices , Proceedings of 
the third ACM SIGSOFT/SIGPLAN software engineering symposium on Practical 
software development environments SDE 3, Volume 13 , 24 issue 5 , 2 

Publisher ACM Press 

FutI text Bvaileble: MB) Additional Information: full citation, abstract, feferences. ^liicas. iQd.fi?Llgmn 

The PCTE project has defined a Public Tool Interface on which Software Engineering Environ nnents 
can be constructed. The interface definition was put into the pubiic domain in September 1986 and 
several implementations on several machines now exist. The PCTE+ project was set up to define a 
Public Tool Interface, based on the PCTE work, that could also serve for the development of defense 
and other high-security applications. This paper summarises the current status of PCTE activity, 
presents ... 

Tools and approaches for developin g d ata-intensive Web applications: a survey 
Piero Fraternali 

September 1999 f^Qfj^ Computing Surveys (CSUR), volume 31 issue 3 

Publisher: ACM Press 

Full text available: i ^^pdff524.ao KBl Additional Information: full citation. ft} %\x^ c\.. referencfts. dtin g?. [ptjei^ lenns 

The exponential growth and capillar diffusion of the Web are nurturing a novel generation of 
applications, characterized by a direct business-to-customer relationship. The development of such 
applications is a hybrid between traditional IS development and Hypermedia authoring, and 
challenges the existing tools and approaches for software production. This paper investigates the 
current situation of Web development tools, both in the commercial and research fields, by 
identifying and characte ... 

Keywords: HTML, Intranet, WWW, application, development 



Design and performance of the Shasta distributed shared mem or y protoco l 
Daniel J. Scales, Kourosh Gharachorloo 

July 1997 Proceedings of the 11th international conference on Supercomputing 

Publisher: ACM Press 

Full text n/ailatde: JSKESUtliilMB) Additional tnfomation: full ciletion . references, ejtinys. index terms 



^* Programming languages for mobile code 
Tommy Thorn 

September 1997 y^^M Computing Surveys (CSUR), Volume 29 Issue 3 

Publisher ACM Press 

Full text available: rfS\ptUC393j&S.teB} Additional Information: {yli cMiaa .■SStJSltfiff.t. rsfetfiCCSS, citings, in dex te rms. isyiffiK 

m 

Sun's announcement of the programming language Java more that anything popularized the notion 
of mobile code, that is, programs traveling on a heterogeneous network and automatically executing 
upon arrival at the destination. We describe several classes of mobile code and extract their 
common characteristics, where security proves to be one of the major concerns. With these 
characteristics as reference points, we examine six representative languages proposed for mobile 
code. The conclusion ... 

Keywords: Java, Umbo, Objective CamI, Obliq, Safe-Tcl, distribution, formal methods, mobile 
code, network programming, object orientation, portability, safety, security, telescript 





T h e DGSA: unmet information s e curit v ch allen g es for operatin g s y st em d e s ig ners 
Edward A. Feustel, Terry Mayfield 

jaiiiiarYi996 SIGOPS Operating Systems Review, volume 32 Issue i 

Publisher: ACM Press 

Full text avsil^le' JS ^pdff1.4B MB> Additional Information: full citation. i^QsKJBCt. gi tings, index tenns 

n 

The Department of Defense (DoD) Goal Security Architecture (DGSA) introduces a broader view of 
information security from that previously held by the Department, one which has much more in 
common with the requirements of an inter-networked commercial view of information security. The 
purpose of this paper is to introduce designers of operating systems to the most important aspects 
of the DGSA conceptual framework in order to open discussions on both the suitability of the 
framework and the feasib ... 
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SIGACT News Staff 
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IS 



Januafyi980 ^^M SIGACT Ncws, Votume 12 Issue 1 

Publisher: ACM Press 

Full text available: ^^Ddrf5 28 MB1 Additional Information: full citation 



Technologies for repository interoperation and access control 

Shirley Browne, Jack Dongarra, Jeff Horner, Paul McMahan, Scott Wells 

May 1098 Proceedings of the third ACM conference on Digital libraries 

Publisher ACM Press 

Full text available: 4a^Kj[!UJiJdai Additional Information: M ClWiftR. rff'fffgnggS. .QitinflS. indfiSJatDlt 



The Lattice Security Model In A Public Com put in g Network 
Paul A. Karger 

Decennberi978 proceedings of the 1978 annual conference 

Publisher: ACM Press 

Full lext available: p^Jf(693. 7Q KB) Additional Information: f y lt pUg ltg ri- gfeylrapt- fefefenc<;8. jnde^ lerma 

This paper defines the lattice security model and shows it to be useful in private sector applications 
of decentralized computer networks. It examines discretionary security models and shows them to 
be Inadequate to protect against ''Trojan Horse" attacks. It examines the management of large 
security lattices and proposes solutions to the proliferation of categories problem. 

Keywords: Computer network security, Computer security. Data processing security, Lattice 
security model, Non-discretionary security 

IS '97: model curriculum and g uidelines for undergraduate de g ree programs in information 
systems 

Gordon B. Davis, John T. Gorgone, J. Daniel Couger, David L. Feinstein, Herbert E. Longenecker 
Decefnberig96 f^Qf^ SIGMIS Database , Guidelines for undergraduate degree programs on Model 

curriculum and guidelines for undergraduate degree programs in Information 

systems IS '97, volume 28 issue i 

Publisher ACM Press 

i}liadt(L24MB) Additional Information: fiilcitalffill, dtlDflS 



Grapevi ne: an exercise in distributed computing 
Andrew D. Birrell, Roy Levin, Michael D. Schroeder, Roger M. Needham 
April 1982 Communications of the ACM, Volume 25 Issue 4 

Publisher ACM Press 

Full text available: i^^jsdflJLZlMBJ Additional Information: MLsiMaO. flteSlceCi. f.«feL(!iJC)Ct CiJtooa. illdgJSiSUna 

Grapevine is a multicomputer system on the Xerox research Internet. It provides facilities for the 
delivery of digital messages such as computer mail; for naming people, machines, and services; for 
authenticating people and machines; and for locating services on the internet. This paper has two 
goals: to describe the system itself and to serve as a case study of a real application of distributed 
computing. Part I describes the set of services provided by Grapevine and how its data and funct ... 
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A. Lyman Chapin 

April 1994 siGCOMM Computer Communication Review, Volume 24 issue 2 

Publisher ACM Press 
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^ Security issues in ATM networks 
Danal Patlyoot, S. J. Shepard 

octoberi999 SIGOPS Operating Systems Review, Volume 33 issue 4 

PublUhen ACM Press 

Full twa available: ^^BflCLfiaiABi Additional Information: fijil , citation. .*5ttB£t. In^iftX 

This paper presents a survey of existing solutions aiming to secure communications over ATM 
network. Details are given about: the security services offered, their placement within ATM protocol 
reference model, the mechanism to negotiate security services, techniques to provides 
synchronisation and key exchange protocol. Additionally, this paper proposes a new ATM security 
solution. 



Keywords: ATM, security 



The trans port layer: tutorial and survey 
SamI Iren, Paul D. Amer, Phillip T. Conrad 

December 1999 ^^M Computing Surveys (CSUR), Volume 31 Issue 4 

Publisher ACM Press 

Full text available: ^^ BdJtC28JUZ5J^B} Additional Information: tulLciMCQ, atiEtf.fflf.t. XfitSL^Kes. gi.ting?,. ia4e;L(ffinM 

Transport layer protocols provide for end-to-end communication between two or more hosts. This 
paper presents a tutorial on transport layer concepts and terminology, and a survey of transport 
layer services and protocols. The transport layer protocol TCP is used as a reference point, and 
compared and contrasted with nineteen other protocols designed over the past two decades. The 
service and protocol features of twelve of the most Important protocols are summarized in both text 
and tables.< ... 

Keywords: TCP/IP networks, congestion control, flow control, transport protocol, transport service 



Towards tr ans parent and efficient software distributed shared memory 
Daniel J. Scales, Kourosh Gharachorloo 

October 1997 f^Qf^ SIGOPS Operating Systems Review , Proceedings of the sixteenth ACM 
symposium on Operating systems principles SOSP '97, Volume 31 Issue 5 



Publisher ACM Press 



Full text available: ^^|. pdf(2.34 MBl Additional Information: b/tLCtlalMU i:gfftfff.ry;e:^> sMlS. ir >d P.X„t ft rm3 



Informing memon/ operations: memory performance feedback mechanisms and their 
ap plications 

Mark Horowitz, Margaret Martonosi, Todd C. Mowry, Michael D. Smith 

May 1998 ^Qf^ Transactlons on Computer Systems (TOCS), Volume 16 issue 2 
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Publisher ACM Press 

Full text avaUsbIa: ^^aJIC3jjJAbaJ Additional Information: M, cHfl tl,Qn. jtmssA, rpfe fgric e?. ^ium iasteaL.t9m».. tffdffiK 

Memory latency is an important bottleneck in system performance that cannot be adequately solved 
by hardware alone. Several promising software techniques have been shown to address this 
problem successfully in specific situations. However, the generality of these software approaches 
has been limited because current architecturtes do not provide a fine-grained, low-overhead 
mechanism for observing and reacting to memory behavior directly. To fill this need, this article 
proposes a new class ... 

Keywords: cache miss notification, memory latency, processor architecture 



DAI DA: an environment for evolving information systems 
M. Jarl<e, J. Mylopoulos, J. W. Schmidt, Y. Vassiliou 

January 1992 y^^^ TransBCtions on Information Systems (TOIS), Volume 10 Issue i 

Publisher: ACM Press 

FutI text availabla: d^lcgl[QJl9id8J Additionel Information: M pi ^top. ibSilBSi, r eferences , sitings^ iDfilftLlg.tma. Utihm 



We present a framework for the development of information systems based on the premise that the 
knowledge that influences the development process needs to somehow be captured, represented, 
and managed if the development process is to be rationalized. Experiences with a prototype 
environment developed in ESPRIT project DAIDA demonstrate the approach. The project has 
implemented an environment based on state-of-the-art languages for requirements modeling, 
design and implementation of informat ... 

Keywords: knowledge engineering, mapping assistant, multi-level specification, repository, 
software information system, software process model 



User-centered security 

Mary Ellen Zurko, Richard T. Simon 

September 1996 proceedings of the 1996 workshop on New security paradigms 

Publisher ACM Press 

Full text available: ^^?|p< ;| f(W1. 91 KB) Additional Information: full cilalten. references. dUnqs. index tenns 



Keywords: authorization, security, user-centered 



A large-scale hypermedia applicatio n us ing document mana g ement and Web technolo g ies 
V. Balasubramanian, Alf Bashian, Daniel Porcher 

Apriii997 Proceedings of the eighth ACM conference on Hypertext 

Publisher: ACM Press 

Full text avail««e: <B|)psif(1,lS,MSl Additional Information: MifiMm- CEfi;jSD£5.S(. fltinflSl. iQSlaJLtetlDft 



Keywords: WWW, distributed authoring, document management, information retrival, publishing, 
systematic hypermedia design, templates, views, workflow 



A distributed trust model 

Alfarez Abdul-Rahman, Stephen Hailes 

January 1998 Proceedings of the 1997 workshop on New security paradigms 

Publisher: ACM Press 

Full text available; ^^^EdlULCIIMBi Additional Information; lyJlfiHillifin. [sSsrsnssii. P„tlDSS^ jn^ex t erms 



A taxonomy of comp uter pro gram security flaws 

Carl E. Landwehr, Alan R. Bull, John P. McDermott, William S. Choi 

September 1994 ^^M Computing Surveys (CSUR), Volume 26 issue 3 

Publisher: ACM Press 

Full lext avaitable; dHftfiSlllS'-fl-^LMBi Additional Information: (uLcMicD. fitesUtiiCl. f.fltef ft nc ? . ?- CiiiDflS, imtg,^^,.t<lf.mit- JSJdfia 



An organized record of actual flaws can be useful to computer system designers, programmers, 
analysts, administrators, and users. This survey provides a taxonomy for computer program security 
flaws, with an Appendix that documents 50 actual security flaws. These flaws have all been 
described previously in the open literature, but in widely separated places. For those new to the field 
of computer security, they provide a good introduction to the characteristics of security flaws and 
how they ... 
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Presto: an experimental architecture for fluid interactive document spaces 
Paul Dourish, W. Keith Edwards, Anthony LaMarca, Michael Salisbury 

June 1999 ^^M TransactioHS on Computer-Human Interaction (TOCHI), Volume 6 Issue 2 

Publisher ACM Press 

Full text avaQabla: ^^jDdff409.04 KB) Additional Information: full cttatton. tttSSia^ referencfts. dSDSU. index tenns 

Traditional docunnent systems use hierarchical filing structures as the basis for organizing, storing 
and retrieving documents. However, this structure is very limited in comparison with the rich and 
varied forms of document interaction and category management in everyday document use. Presto 
is a prototype document management system providing rich interaction with documents through 
meaningful, user-level document attributes, such as "Word file," "published paper," 8lI ... 

Keywords: attribute/value systems, direct manipulation, document management 



" Flexible coordination with cooperative hypertext 
Weigang Wang, Jorg M. Haake 

May 1998 Procecdings of the ninth ACM conference on Hypertext and hypermedia : links, 

objects, time and space — structure in hypermedia systems: links, objects, time and 
space — structure in hypermedia systems 

Publbher: ACM Press 

Full text availabia: diTlMll^SS-MB) Additional Information; jyUMigD. refer^m^S?- ctiingB. jri0iliU!tim. 




S emant i c file systems 

David K. Gifford, Pierre Jouvelot, Mark A. Sheldon, James W. O'Toole 

September 1991 SZGOPS Operating Systems Review , Proceedings of the thirteenth ACM 

symposium on Operating systems principles SOSP *91, Volume 25 issue 5 

Publisher ACM Press 

Fut) text avatlebia: ^|jDdf(1,06 MBl Additional Information: full citation, absuoct reference^, pjttrw^. jndex lenns 

A semantic file system is an information storage system that provides flexible associative access to 
the system's contents by automatically extracting attributes from files with file type specific 
transducers. Associative access is provided by a conservative extension to existing tree-structured 
file system protocols, and by protocols that are designed specifically for content based access. 
Compatiblity with existing file system protocols is provided by introducing the concept of a ... 

Secrecy by ty ping in security protocols 
Martin Abadi 

September 1999 Journal of the ACM (JACM), Volume 46 Issue 5 

Publisher ACM Press 

Full text availabia: ^^^psSKSgSJSJCBJ Additional Information: fr^lLctifltifit). (SfeSiCSKi. ISfstfiQCSS. (ailDflS. jpdex tefms . BUUSffi 

We develop principles and rules for achieving secrecy properties in security protocols. Our approach 
is based on traditional classification techniques, and extends those techniques to handle concurrent 
processes that use shared-key cryptography. The rules have the form of typing rules for a basic 
concurrent language with cryptographic primitives, the spi calculus. They guarantee that, if a 
protocol typechecks, then it does not leak its secret inputs. 

Keywords: cryptographic protocols, process calculi, secrecy properties 



SaveMe: a system for archiving electronic documents using messaging groupware 
Stefan Berchtold, Alexandres Biliris, Euthimios Panagos 

March 1999 SIGSOFT Software Engineering Notes , Proceedings of the international joint 

conference on Work activities coordination and collaboration WACC *99, Volume 24 
Issue 2 

Publisher ACM Press 

Full text available: ^gjliglpdff 1.47 MB^ Additional Information: futi citation. obstracL refererwes. index larnia 

Today, organizations deal with an ever-increasing number of documents that have to be archived 
because they are either related to their core business (e.g., product designs) or needed to meet 
corporate or legal retention requirements (e.g., voucher). In this paper, we present the architecture 
and prototype implementation of SaveMe, a document archival system that is based on network- 
centric groupware such as Internet standards-based messaging systems. In SaveMe, the actions of 
archiving, retriev ... 

Keywords: Internet, archiving, groupware, messaging 
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Flexible update propagation for weakly consistent replication 
Karln Petersen, Mike J, Spreitzer, Douglas B. Terry, Marvin M. Theimer, Alan J. Demers 
October 1997 ^^M SIGOPS Operating Systems Review , Proceedings of the sixteenth ACM 
symposium on Operating systems principles SOSP '97, volume 31 issue 5 

Publisher ACM Press 

Full text availttde: ^Sh oattX \e MB) Additional Infomiation: M cHgtign. W^ryKfffl. Q^nsa. Indc^ Icrms 



Memory oroanization in multi-channel optical networks: NUMA and COMA revisited 
Yan Yang Xiao, John K. Bennett 

jantjaiyigge Proceedings of the 10th international conference on Supercomputing 

Publisher ACM Press 

Full text avail *le; J5J|j!Slf£LQ3LMB} AdditionaJ Informatiwi: t\fn Q\oti<sn. lOffiZStlKfiS. infteiUffXinS. 



Distributed operating systems 

Andrew S. Tanenbaum, Robbert Van Renesse 

Decemberi985 ^CM Computing Survcys (CSUR), Volume 17 issue 4 

Publisher ACM Press 

Full text ovatlaUe: pdffS 49 MB^ Addilionai Information: full citation. ^trp<;t . refcfpnces. ^Jioai. index terns, r g yf ^ 



Distributed operating systems have many aspects in common with centralized ones, but they also 
differ in certain ways. This paper is intended as an introduction to distributed operating systems, 
and especially to current university research about them. After a discussion of what constitutes a 
distributed operating system and how it is distinguished from a computer network, various key 
design issues are discussed. Then several examples of current research projects are examined in 
some detail ... 

Performin g remote operations efficiently on a local computer network 
Alfred Z. Spector 

April 1982 Communications of the ACM, volume 25 Issue 4 

Publisher ACM Press 

Full text avail^e: ^ ^jpdfd.SS MB) Additional Information: full cilatton. abstract, references, atlnpa. index terms 

A communication model is described that can serve as a basis for a highly efficient communication 
subsystem for local networks. The model contains a taxonomy of communication instructions that 
can be implemented efficiently and can be a good basis for interprocessor communication. These 
communication instructions, called remote references, cause an operation to be performed by a 
remote process and, optionally, cause a value to be returned. This paper also presents 
implementation considerati ... 

Keywords: communication models, efficient communication, transactions 



** Ar c hitecture of the IBM system/37 Q 
Richard P. Case, Andris Padegs 

januaiyi978 Communications of the ACM, Volume 21 Issue 1 

Publisher ACM Press 

FutI text avail^le: ^^jDdff2.7a MB^ Additional Information: full citation. sb^ISSL feferencea. otinoa. in'Jc ?^ krms 

This paper discusses the design considerations for the architectural extensions that distinguish 
System/370 from SYStem/360. It comments on some experiences with the original objectives for 
System/360 and on the efforts to achieve them, and it describes the reasons and objectives for 
extending the architecture. It covers virtual storage, program control, data-manipulation 
instructions, timing facilities, multiprocessing, debugging and monitoring, error handling, and 
input/output operations. ... 

Keywords: architecture, computer systems, error handling, instruction sets, virtual storage 
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A security architecture for fault-tolerant systems 
Michael K. Reiter, Kenneth P. BIrnnan, Robbert van Renesse 

Novemberi994 f^Qf^ Transactions on Computer Systems (IOCS), Volume 12 Issue 4 

Publisher ACM Press 
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Process groups are a common abstraction for fault-tolerant computing in distributed systems. We 
present a security architecture that extends the process group into a security abstraction. Integral 
parts of this architecture are services that securely and fault tolerantly support cryptographic key 
distribution. Using replication only when necessary, and introducing novel replication techniques 
when it was necessary, we have constructed these services both to be easily defensible against 
atta ... 



Keywords: key distribution, multicast, process groups 



Session IV - hypertext systems: Intermedia: issues, strategies, and tactics in the design of a 

hypermedia document system 

L. Nancy Garrett, Karen E. Smith, Norman Meyrowitz 

Decemberi986 proceedings of the 1986 ACM conference on Computer-supported cooperative work 

Publisher: ACM Press 

Full (exl avatiabia; ^■'l pdff1.2Q MB\ Additional Information: full citation, abstract, references, citings 

1^ 

A hypermedia system provides a tool for cooperative work by allowing writers and designers to 
share a network of linked documents where they can create documents, link their own and others' 
documents together, and leave notes for one another. This paper discusses issues that designers 
need to address In the development of hypermedia systems. Major issues involve what kind of 
linking, contexts, and visual modeling the system provides. The composite of the answers to these 
issues determines the na ... 

Building real-time qroupware with GroupKit. a qrou pware toolkit 
Mark Roseman, Saul Greenberg 

March 1996 f^Qi^ Transactions on Computer-Human Interaction (TOCHI), volume 3 issue i 

Publisher ACM Press 

Full text available: cxtff 2.74 M8) Additional Information: futl citation- abstract fefererces. ciilngs. terma. review 

This article presents an overview of GroupKit, a groupware toolkit that lets developers build 
applications for synchronous and distributed computer-based conferencing. GroupKit was 
constructed from our belief that programming groupware should be only slightly harder than 
building functionally similar single-user systems. We have been able to significantly reduce the 
implementation complexity of groupware through the key features that comprise GroupKit. A 
runtime infrastructure 

Keywords: GroupKit, computer-supported cooperative work, groupware toolkits, synchronous 
groupware, user interface toolkits 



Making sense of software engineering environment framework standards 
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Data sharing in group work 
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Data sharing is fundannental to conn puter- supported cooperative work: People share information 
through explicit communication channels and through their coordinated use of shared databases. 
This paper examines the data management requirements of group work applications on the basis of 
experience with three prototype systems and on observations from the literature. Database and 
object management technologies that support these requirements are briefly surveyed, and 
unresolved issues in the par ... 

Bibliography of recent publication in computer networking 

July 1989 ACM SIGCOMM Computer Communication Review, Volume 19 issue 3 

Publisher ACM Press 
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Security issues with TCP/IP 
Renqi Li, E. A. Unger 

June 1995 ACM SIGAPP Applied Computing Review, Volume 3 issue i 

Publisher ACM Press 

Full text avattabia: | jB^ B tif(60l -12 KBl Additional Infonnatton: ftjll ff i^ ^ ^{ 9n■ fl b , ^trw;t . index terms 

An introduction to network security , basic definitions and aa brief discussion of the architecture of 
TCP/IP as well as the Open System Intercornnection(OSI) Reference Model open the paper. The 
relationship between TCP/IP and of some OSI layers is described. An indepth look is provided to the 
major protocols in TCP/IP suite and the security features and problems in this suite of protocols. The 
secutiy problems are discussed in the context ofthe protocol services. 

Keywords: TCP/IP, Unix, network security, security 



^ A logic for reasoning about security 
^ Janice Glasgow, Glenn Macewen, Prakash Panangaden 

^ August 1992 Transactions on Computer Systems (TOCS), Volume 10 issue 3 

Publisher ACM Press 

Full text available: i^^ciJfUJ&Jiiej. Additional Information: IwE-ffllOliaa jClfeSttflS.t, isisiftmia.. citinaa. indfaa^JITOS. 

A formal framework called Security Logic (SL) is developed for specifying and reasoning about 
security policies and for verifying that system designs adhere to such policies. Included in this modal 
logic framework are definitions of knowledge, permission, and obligation. Permission is used to 
specify secrecy policies and obligation to specify integrity policies. The combination of policies is 
addressed and examples based on ... 

Keywords: composition knowledge, integrity, logic, obligation, permission, policy, possible-worlds, 
secrecy, security, time 



Personal distributed computing: the Alto and Ethernet software 
Butler Lampson 

January 1986 proceedings of the ACM Conference on The history of personal workstations 

Publisher ACM Press 

Full text available: J5?ti? tf .f( ?. P Q .,MB.) Additional Information: M.glMffin- 0keti:Kt. refere nces. sUlosa. irrfflX tg rm^ 

m 

The personal distributed computing system based on the Alto and the Ethernet was a major effort to 
make computers help people to think and communicate. The paper describes the complex and 
diverse collection of software that was built to pursue this goal, ranging from operating systems, 
programming environments, and communications software to printing and file servers, user 
interfaces, and applications such as editors, illustrators, and mail systems. 

UIO: a uniform I/O system interface for distributed s ystems 
David R. Cheriton 

January 1987 ^^M Transactions on Computer Systems (TOCS), volume 5 issue i 

Publisher ACM Press 

Full taxi avatlabia: ^^|p <lft 3 , 2 fl.MB) Additional Information: &t[Lcitalifi!a. dtiSiKLQCi. adsuSESSSj tiUnOi. Ipctffl terma- rgvjgw 

A uniform I/O interface allows programs to be written relatively independently of specific I/O 
services and yet work with a wide variety of the I/O services available in a distributed environment. 
Ideally, the interface provides this uniform access without excessive complexity in the interface or 
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loss of performance. However, a uniform interface does not arise from careful design of individual 
system interfaces alone; it requires explicit definition. In tliis paper, the UIO (unifo ... 

Middleware: a model for distributed system services 
Philip A. Bernstein 

February 1996 Communications of the ACM, Volume 39 issue 2 

Publbher ACM Press 

Full text avellabte: ^iiiilB pdff23a 25 KBl Additional Information: f^ifl dlatton. referencas. dtinos. \n<^ tcnna 

1^ 



Distributed systems - programming and management: On remote procedure call 
Patricia Gomes Soares 

November 1992 Proceedings of the 1992 conference of the Centre for Advanced Studies on 
Collaborative research - Volume 2 

Publisher IBM Press 

Additional Information; lylcilfljjfin. ifeSEIlflsa, KfeKCSasS. J^liOOa 



Full text available; ^ ^| BtjIC15£JtlBl 



The Remote Procedure Call (RPC) paradigm is reviewed. The concept is described, along with the 
backbone structure of the mechanisms that support it. An overview of works in supporting these 
mechanisms is discussed. Extensions to the paradigm that have been proposed to enlarge its 
suitability, are studied. The main contributions of this paper are a standard view and classification of 
RPC mechanisms according to different perspectives, and a snapshot of the paradigm in use today 
and of goals for t ... 

A federated architecture for information management I 
Dennis Heimbtgner, Dennis McLeod 

July 1985 f^Qf^ Transactions on Information Systems (TOIS), Volume 3 issue 3 

Publisher: ACM Press 

Full text availeble: pdft2. 1 9 MBl Additional Information: full citalion. obslract. refgrenees. qMh. in<? ff?< t^rm^ 

1^ 

An approach to the coordinated sharing and interchange of computerized information is described 
emphasizing partial, controlled sharing among autonomous databases. Office information systems 
provide a particularly appropriate context for this type of information sharing and exchange. A 
federated database architecture is described in which a collection of independent database systems 
are united into a loosely coupled federation in order to share and exchange information. A federation 
consist ... 

H ypervisor-based fault tolerance I 
Thomas C. Bressoud, Fred B. Schneider 

February 1996 ^^M Transactions on Computer Systems (TOCS), Volume 14 issue i 

Publisher: ACM Press 

Full text available; ^^|DdfM .69 MB> Additional InformatiOTi: full citation, cbstrnct. references, citintps. index terms 

Protocols to implement a fault- tolerant computing system are described. These protocols augment 
the hypervisor of a virtual-machine manager and coordinate a primary virtual machine with its 
backup. No modifications to the hardware, operating system, or application programs are required. 
A prototype system was constructed for HP's PA- RISC instruction -set architecture. Even though the 
prototype was not carefully tuned, it ran programs about a factor of 2 slower than a bare machine 
would. 

Keywords: fault-tolerant computing system, primary/backup approach, virtual-machine manager 



Efficient communication strategies for ad-hoc wireless networks (extended abstract) 
Micah Adier, Christian Scheideler 

June 1998 Proceedings of the tenth annual ACM symposium on Parallel algorithms and 
architectures 
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Belief reasoning In MLS deductive databases 
Hasan M. Jamil 

June 1999 f^Q^^ SIGMOD Record , Proceedings of the 1999 ACM SIGMOD international 
conference on Management of data SIGMOD '99, Volume 28 issue 2 

Publisher ACM Press 
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It is envisaged that the application of the multilevel security (MLS) scheme will enhance flexibility 
and effectiveness of authorization policies in shared enterprise databases and will replace 
cumbersome authorization enforcement practices through complicated view definitions on a per user 
basis. However, as advances in this area are being made and ideas crystallized, the concomitant 
weaknesses of the MLS databases are also surfacing. We insist that the critical problem with the 
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Whiteboards: a graphical database tool 
James Donahue, Jennifer Widom 

January 1986 ^CM Transactions on Information Systems (TOIS), Volume 4 issue i 

Publisher ACM Press 

Full loxl avttitabte: I^^AdlUwltMfi) Additional Information: ftifl pi t p^ion. fibs^tacl VSIoSDSSSj aSiDOi- iOjlSSjfiims. review 

The "Whiteboards" system is intended to be an electronic equivalent of the whiteboards and 
corkboards that we have in our offices. A Whiteboard database has similar qualities of storing 
disparate collections of data and saving their spatial location in a window to help with organization. 
A Whiteboard database can contain references to arbitrary entities: text files, notes, programs, 
tools, pictures, etc. Whiteboards runs as an application in the Cedar programming environment 
dev ... 

Network locality at the scale of processes 
Jeffrey C. Mogul 

May 1992 f^Qf^ TransactioHS on Computer Systems (TOGS), volume lO issue 2 

Publisher: ACM Press 

Full texl available: ^^igjpdrfl BOMB) AddiltonsI Information: full citatton. ^^ tr j^f. refgrenC^S- ff^T TOS- index terms, review 

Packets on a LAN can be viewed as a series of references to and from the objects they address. The 
amount of locality in this reference stream may be critical to the efficiency of network 
implementations, if the locality can be exploited through caching or scheduling mechanisms. Most 
previous studies have treated network locality with an addressing granularity of networks or 
individual hosts. This paper describes some experiments tracing locality at a finer grain, looking at 
references to i ... 

Keywords: context switching, dallying, locality of reference, remote procedure calls 



To polog ical desig n of local-area networks using geneti c algorithms 
Reuven Elbaum, Moshe Sidi 

October 1996 IEEE/ACM Transactions on Networking (TON), Volume 4 Issue 5 

Publisher IEEE Press 
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Estimating the multiplicities of conflicts to speed their resolution in multiple access channels 
Albert G. Greenberg, Philippe Flajolet, Richard E. Ladner 
ApriM987 Joumal of the ACM (JACM), Volume 34 issue 2 

Publisher ACM Press 

Full text available: ^Bj^ BttfCZ^-MSi Additional Information: fijlljaiajjoa abJIltact. rg.tPfSnSft?r saiioas, ia(lffiS..tenns. LfivJSA 

New, Improved algorithms are proposed for regulating access to a multiple-access channel, a 
common channel shared by many geographically distributed computing stations. A conflict of 
multiplicity n occurs when n stations transmit simultaneously to the channel. As a result, all stations 
receive feedback indicating whether n is 0, 1, or ^2. If n = 1, the transmission succeeds; whereas 
if n ^ 2, all the ... 
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Liu, S. Mehrotra, C. M. Cheng 
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This paper presents the architectural design and RISC based implementation of a prototype 
supercomputer, namely the Orthogonal Multiprocessor (OMP). The OMP system is constructed with 
16 Intel 1860 RISC microprocessors and 256 parallel memory modules, which are 2-D interleaved 
and orthogonally accessed using custom-designed spanning buses. The architectural design has 
been validated by a CSIM-based multiprocessor simulator. The design choices are based on worst- 
case delay a ... 



" The clearin g house: a decentralized agent for locatin g named objects in a distributed 
environment 

Derel< C. Oppen, Yogen K. Dalai 

July 1983 f^Qf^ Transactions on Information Systems (TOIS), Volume i issue 3 
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We describe a plan to create an auditable version of Multics. The engineering experiments of that 
plan are now complete. Type extension as a design discipline has been demonstrated feasible, even 
for the internal workings of an operating system, where many subtle intermodule dependencies 
were discovered and controlled. Insight was gained into several tradeoffs between kernel complexity 
and user semantics. The performance and size effects of this work are encouraging. We conclude 
that verifi ... 

Keywords: Multics, Operating systems. Protection, Security, Security kernel. Supervisors, Type 
extension. Verifiable systems 
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Filing services have experienced a number of innovations In recent years, but many of these 
promising ideas have failed to enter Into broad use. One reason is that current filing environments 
present several barriers to new development. For example, file systems today typically stand alone 
instead of building on the work of others, and support of new filing services often requires changes 
that invalidate existing work. Stackable file-system design addresses these issues in severa ... 

Keywords: composabiltty, file system design, operating system structure, reuse 
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Distributed environment: Name space models for locating services 
Nigel Hinds, C. V. Ravishankar 

October 1991 Proceedings of the 1991 conference of the Centre for Advanced Studies on 
Collaborative research 

Publisher: IBM Press 
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Much of recent work on computer systems has focused on providing transparent resource-sharing in 
a distributed computing environment. Many of these systems use the server-client model to provide 
access to data and services. As more distributed services are offered and the demand for sharing 
increases in these environments, efficient management and accessing schemes become crucial. 
Locating sen/ices makes name service a critical part of access management.This report describes 
some of the w ... 

Integrating communication, cooperation, and awareness: the DIVA virtual office environment 
Markus Sohlenkamp, Greg Chwelos 

October 1994 Proceedings of the 1994 ACM conference on Computer supported cooperative work 

Publisher: ACM Press 
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DIVA, a novel environment for group work, is presented. This prototype virtual office environment 
provides support for communication, cooperation, and awareness in both the synchronous and 
asynchronous modes, smoothly integrated into a simple and intuitive interface which may be viewed 
as a replacement for the standard graphical user interface desktop. In order to utilize the skills that 
people have acquired through years of shared work in real offices, DIVA is modeled after the 
standard of ... 

Keywords: CSCW, awareness, groupware, integration, synchronous/asynchronous, virtual office 
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This article presents a case study of the development of the Intermedia system, a large, object- 
oriented hypermedia system and associated applications development framework providing 
sophisticated document linkages. First it presents the educational and technological objectives 
underlying the project. Subsequent sections capture the process of developing the Intermedia 
product and detail its architecture and construction, concentrating on the areas in which object- 
oriented technology has ha ... 

The Zebra striped net work file system 
John H. Hartman, John K. Ousterhout 

August 1995 f^Qf^ Transactlons on Computer Systems (TOCS), volume 13 issue 3 

Publisher ACM Press 
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Zebra is a network file system that increases throughput by striping the file data across multiple 
servers. Rather than striping each file separately. Zebra forms all the new data from each client into 
a single stream, which it then stripes using an approach similar to a log-structured file system. This 
provides high performance for writes of small files as well as for reads and writes of large files. 
Zebra also writes parity information in each stripe in the style of RAID disk arrays; this ... 

Keywords: RAID, log-based striping, log -structured file system, parity computation 

" Chiron -1: a so ftware architecture for user interface deve lo pment, maintenance, and run-time 
support 
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The Chiron- 1 user interface system demonstrates key techniques that enable a strict separation of 
an application from its user interface. These techniques include separating the control-flow aspects 
of the application and user interface: they are concurrent and may contain many threads. Chiron 
also separates windowing and look-and-feel issues from dialogue and abstract presentation 
decisions via mechanisms employing a client-server architecture. To separate application code from 
user interf ... 

Keywords: artists, client-server, concurrency, event-based integration, user interface architectures 
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Lightweight Remote Procedure Call (LRPC) is a communication facility designed and optimized for 
communication between protection domains on the same machine. In contemporary small-kernel 
operating systems, existing RPC systems incur an unnecessarily high cost when used for the type of 
communication that predominates— between protection domains on the same machine. This cost 
leads system designers to coalesce weakly related subsystems into the same protection domain, 
trading safety for ... 
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This article describes a series of tests of the generality of a "radically tailorable" tool for cooperative 
work. Users of this system can create applications by combining and modifying four kinds of building 
blocks: objects, views, agents, and links. We found that user-level tailoring of these primitives can 
provide most of the functionality found in well-known cooperative work systems such as gIBIS, 
Coordinator, Lotus Notes, and Information Le ... 
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The classical object model supports private data within objects and clean interfaces between 
objects, and by definition does not permit sharing of data among arbitrary objects. This is a problem 
for real-world applications, such as advanced financial services and integrated network 
management, where the same data logically belong to multiple objects and may be distributed over 
multiple nodes on the network. Rather than give up the advantages of encapsulated objects in 
modeling real-world en ... 
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UNIX is a general-purpose, multi-user, interactive operating system for the Digital Equipment 
Corporation PDP-11/40 and 11/45 computers. It offers a number of features seldom found even in 
larger operating systems, including: (1) a hierarchical file system incorporating demountable 
volumes; (2) compatible file, device, and inter-process I/O; (3) the ability to initiate asynchronous 
processes; (4) system command language selectable on a per-user basis; and (5) over 100 
subsystems including a ... 
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A transaction processing (TP) application is a program that performs an administrative function by 
accessing a shared database on behalf of an on-line user. A TP system Is an integrated set of 
products that supports TP applications. These products include both hardware, such as processors, 
memories, disks and communications controllers, and software such as operating systems (Oss), 
database management systems (DBMSs), computer networks and TP monitors. Much of the 
Integration of these prod ... 
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UNIX is a general-purpose, multi-user, interactive operating system for the Digital Equipment 
Corporation PDP-11/40 and 11/45 computers. It offers a number of features seldom found even in a 
larger operating systems, including: (1) a hierarchical file system incorporating demountable 
volumes; (2) compatible file, device, and inter-process I/O; (3) the ability to initiate asynchronous 
processes; (4) system command language selectable on a per-user basis; and (5) over 100 
subsystems including ... 
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The Importance of requirement engineering in the software development process has been widely 
recognised by the scientific community. One of the major error sources that arise in this phase is 
represented by ineffectual communication between users and analysts. Valusek and Fryback in [32] 
identify three classes of communication obstacles to a successful elicitation of requirements. 
Purpose of this paper is to discuss these obstacles and to identify the structure of a CASE tool that 
may allow to o ... 
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